Join us for an interactive workshop featuring GRC Analyst & Pundit Michael Rasmussen. The workshops will help organizations work through the components of their GRC-related strategies.

Registration is complimentary; however, space is limited. Sign up today!

Earn CPE Credit!


Enterprise GRC by Design Workshop

Tuesday, November 30 | JW Marriott Minneapolis | 9am - 5pm

Governance, risk management & compliance (GRC) is something an organization does, not something an organization buys. Done properly, GRC is what is achieved throughout the business and its operations. By definition, GRC is “a capability to reliably achieve objectives [governance], while addressing uncertainty [risk management], and acting with integrity [compliance].” This requires that GRC be understood in the context of enterprise strategy, objectives, architecture, and processes. Designing mature GRC processes that align with the organization requires an understanding of what the organization is about, how it operates, and how it should be monitored and controlled. This is done through defining the right GRC process, information, and technology architecture.

GRC by Design requires an enterprise/organization architecture approach to the organization and how it operates. This workshop aims to provide a blueprint for effective enterprise GRC strategies in a dynamic business, regulatory, and risk environment. Attendees will learn enterprise GRC strategies and techniques that can be applied across the organization. Learning is done through lectures, collaboration with peers, and workshop tasks.

You'll gain actionable GRC takeaways for your organization's performance, strategy, objectives, obligations, and risks, as well as its culture and values, including:

  • What effective enterprise GRC processes look like.
  • How to integrate strategy with enterprise GRC processes and operations.
  • How to define enterprise GRC information architecture to provide 360° situational awareness of GRC in context of the organization’s strategy and operations.
  • How to use technology to bring together diverse and distributed GRC departments and functions into an integrated architecture aligned with the strategy and operations of the organization.

Registration is complimentary (including breakfast and lunch).


Compliance Management by Design Workshop

Thursday, December 2 | Westin Times Square | 9am - 5pm

Compliance is not easy. Organizations across industries have global clients, partners, and business operations. The larger the organization the more complex its operations. Complicating matters, today’s organization is dynamic and constantly changing. The modern organization adjusts by the minute. New employees come, others leave, roles change. New business-partner relationships are established, others are terminated. The business enters new markets, opens new facilities, contracts with agents, or introduces new products. New laws are introduced, regulations change, the risk environment shifts (e.g., economic, geo-political, operational), impacting how business is conducted.

The dynamic and global nature of business is particularly challenging to compliance management. What may seem insignificant in one area can have profound impact on others. Compliance obligations and ethical risk is like the hydra in mythology—organizations combat risk, only to find more risk springing up. Executives react to changing compliance requirements and fluctuating legal and ethical exposures, yet fail to actively manage and understand the interrelationship of risk and compliance.

To maintain compliance and mitigate risk exposure, an organization must stay on top of changing regulatory requirements, as well as a changing business environment, and ensure those changes are in sync. Demands from governments, the public, business partners, and clients require your organization to implement defined compliance practices that are monitored and adapted to the demands of a changing business and regulatory environment. Compliance activities managed in silos often lead to the inevitable failure of an organization’s governance, risk management, and compliance (GRC) program. Reactive, document-centric, siloed information and processes fail to manage compliance, leaving stakeholders blind to the intricate relationships of compliance risk across the business. Management is not thinking about how compliance and risk management processes can provide greater insight.

This ad hoc approach results in poor visibility across the organization and its control environment. Yesterday’s compliance program no longer works. Boards desire a deeper understanding of how the organization is addressing compliance risk, whether its activities are effective, and how they are enhancing shareholder value. Oversight demands are changing the role of the compliance department to an active, independent program that can manage and monitor compliance risk from the top down.

The breadth and depth of compliance risk bearing down on companies today requires a robust compliance program operating in the context of integrated enterprise risk management. This workshop aims to provide a blueprint for effective compliance management in a dynamic business, regulatory, and risk environment. Attendees will learn compliance management governance and process that can be applied across the organization at either an enterprise or a department level. Learning is done through lectures, collaboration with peers, and workshop tasks.

After the workshop you'll take back new approaches to:

  • Effectively manage compliance
  • Understand the challenges and pitfalls of managing compliance
  • Achieve success capitalizing on agility while maintaining compliance
  • Facilitate ongoing monitoring of compliance
  • Define compliance management lifecycle for managing and monitoring compliance
  • Establish compliance management ownership and accountability
  • Provide compliance management process consistency
  • Communicate effectively with employees and stakeholders on matters of compliance
  • Track critical compliance workflow and tasks
  • Deliver effective compliance governance and assurance to the board of directors, regulators, and stakeholders
  • Monitor metrics to establish effectiveness or compliance management
  • Identify and resolve compliance issues

Registration is complimentary (including breakfast and lunch).


Michael Rasmussen

As the GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized expert on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 27+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures, and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is considered the “Father of GRC,” as the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.

Additional Information
Field of Study: Information Technology
Prerequisites: None
Advanced Preparation: None
Program Level: Basic
Format: Group Internet Based
CPE Credit: 7

CPE Credit Notice

This is a group internet-based event for NASBA authorized continuing education credit. After the webinar, a Certificate of Completion for the webinar indicating 7 hours of CPE credit will be issued to those interested.

Riskonnect is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have the final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: